01-31-2023, 07:57 PM
Any good tips for hacking an iis 7.5 server? It does not seems vulnerable to XSS. Tried directory traversal, but was unable to find anything useful. The ::$Index_Allocation method seems to work only if you are on machines running on local servers. Also after few deep scans i found open port running RDP, that Shodan has missed. haven't tried bruteforcing the creds though.